<?php
/* -------------------------------------------------------------------------------------
* 	ID:						$Id: newsletter.php 498 2014-01-30 16:41:38Z phone.mueller@googlemail.com $
* 	Letzter Stand:			$Revision: 498 $
* 	zuletzt geaendert von:	$Author: siekiera $
* 	Datum:					$Date: 2014-01-30 16:41:38 +0000 (Thu, 30 Jan 2014) $
*
* 	SEO:mercari by Siekiera Media
* 	http://www.seo-mercari.de
*
* 	Copyright (c) since 2011 SEO:mercari
* --------------------------------------------------------------------------------------
* 	based on:
* 	(c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
* 	(c) 2002-2003 osCommerce - www.oscommerce.com
* 	(c) 2003     nextcommerce - www.nextcommerce.org
* 	(c) 2005     xt:Commerce - www.xt-commerce.com
*
* 	Released under the GNU General Public License
* ----------------------------------------------------------------------------------- */
define('GLOBAL_COLUMN_LEFT', '0');

require ('includes/application_top.php');

$smarty = new Smarty();

require (DIR_FS_CATALOG.'templates/'.CURRENT_TEMPLATE.'/source/boxes.php');

require_once (DIR_FS_INC.'inc.random_charcode.php');
require_once (DIR_FS_INC.'inc.validate_email.php');

$info_message = '';
$error_message = '';

if(isset($_GET['action']) && (($_GET['action'] == 'process') || ($_GET['action'] == 'box'))) {
	if(preg_match("/^([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*[\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,6})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)$/i", $_POST['email'])){
		$vlcode = random_charcode(32);
		$link = href_link(FILENAME_NEWSLETTER, 'action=activate&email='.$_POST['email'].'&key='.$vlcode, 'NONSSL');
	
		$smarty->assign('EMAIL', $_POST['email']);
		$smarty->assign('LINK', $link);
	
		$smarty->caching = false;
		require_once(DIR_FS_INC.'inc.get_mail_body.php');
		$html_mail = $smarty->fetch('html:newsletter_aktivierung');
		$html_mail .= $signatur_html;
		$txt_mail = $smarty->fetch('txt:newsletter_aktivierung');
		$txt_mail .= $signatur_text;
		require_once(DIR_FS_INC.'inc.get_mail_data.php');
		$mail_data = get_mail_data('newsletter_aktivierung');
	
		if ((($_POST['check'] == 'inp') && ($_POST['security_code_newsletter'] == $_SESSION['security_code_newsletter'])) || ($_POST['check'] == 'inp') && ($_GET['action'] == 'box')) {
	
			$check_mail = $db->db_query("SELECT
											customers_email_address,
											mail_status
										FROM
											".TABLE_NEWSLETTER_RECIPIENTS."
										WHERE
											customers_email_address = ".$db->db_prepare($_POST['email'])."");
			if(!$check_mail->_numOfRows) {
				if (isset ($_SESSION['customer_id'])) {
					$customers_id = $_SESSION['customer_id'];
					$customers_status = $_SESSION['customers_status']['customers_status_id'];
					$customers_firstname = $_SESSION['customer_first_name'];
					$customers_lastname = $_SESSION['customer_last_name'];
	
				} else {
					$check_customer = $db->db_query("SELECT
														customers_id,
														customers_status,
														customers_firstname,
														customers_lastname,
														customers_email_address
													FROM
														".TABLE_CUSTOMERS."
													WHERE
														customers_email_address = ".$db->db_prepare($_POST['email']));
					if (!$check_customer->_numOfRows) {
						$customers_id = '0';
						$customers_status = '1';
						$customers_firstname = TEXT_CUSTOMER_GUEST;
						$customers_lastname = '';
	
					} else {
						$customers_id = $check_customer->fields['customers_id'];
						$customers_status = $check_customer->fields['customers_status'];
						$customers_firstname = $check_customer->fields['customers_firstname'];
						$customers_lastname = $check_customer->fields['customers_lastname'];
					}
				}
	
				$sql_data_array = array('customers_email_address' => $_POST['email'],
										'customers_id' => $customers_id,
										'customers_status' => $customers_status,
										'customers_firstname' => $customers_firstname,
										'customers_lastname' => $customers_lastname,
										'mail_status' => '0',
										'mail_key' => $vlcode,
										'date_added' => 'now()');
				$db->db_perform(TABLE_NEWSLETTER_RECIPIENTS, $sql_data_array);
	
				$info_message = TEXT_EMAIL_INPUT;
				$subject = str_replace('{$shop_name}', STORE_NAME, $mail_data['EMAIL_SUBJECT']);
				
				php_mail($mail_data['EMAIL_ADDRESS'],
							$mail_name,
							$_POST['email'],
							'',
							'',
							$mail_data['EMAIL_REPLAY_ADDRESS'],
							$mail_data['EMAIL_REPLAY_ADDRESS_NAME'],
							'',
							'',
							$subject,
							$html_mail,
							$txt_mail);
						
			} else {
				if ($check_mail->fields['mail_status'] == '0') {
	
					$error_message = TEXT_EMAIL_EXIST_NO_NEWSLETTER;
	
					php_mail($mail_data['EMAIL_ADDRESS'],
								$mail_name,
								$db->db_prepare($_POST['email']),
								'',
								'',
								$mail_data['EMAIL_REPLAY_ADDRESS'],
								$mail_data['EMAIL_REPLAY_ADDRESS_NAME'],
								'',
								'',
								$mail_subject,
								$html_mail,
								$txt_mail);
	
				} else
					$error_message = TEXT_EMAIL_EXIST_NEWSLETTER;
			}
			unset($_SESSION['security_code_newsletter']);
			unset($_SESSION['captcha']);
			
		} else
			$error_message = TEXT_WRONG_CODE;
	
		if ((($_POST['check'] == 'del') && ($_POST['security_code_newsletter'] == $_SESSION['security_code_newsletter'])) || (($_POST['check'] == 'del') && ($_GET['action'] == 'box'))) {
	
			$check_mail = $db->db_query("SELECT 
												customers_email_address 
											FROM 
												".TABLE_NEWSLETTER_RECIPIENTS." 
											WHERE 
												customers_email_address = ".$db->db_prepare($_POST['email']));
			if (!$check_mail->_numOfRows)
				$error_message = TEXT_EMAIL_NOT_EXIST;
	
			else {
				$del_query = $db->db_query("DELETE FROM ".TABLE_NEWSLETTER_RECIPIENTS." WHERE customers_email_address = ".$db->db_prepare($_POST['email']));
				$info_message = TEXT_EMAIL_DEL;
			}
			unset($_SESSION['security_code_newsletter']);
			unset($_SESSION['captcha']);
		}
	} else
		$message_stack->add(ENTRY_EMAIL_ADDRESS_CHECK_ERROR, 'error');
}

// Accountaktivierung per Emaillink
if (isset ($_GET['action']) && ($_GET['action'] == 'activate')) {
	$check_mail = $db->db_query("SELECT
										mail_key
									FROM
										".TABLE_NEWSLETTER_RECIPIENTS."
									WHERE
										customers_email_address = ".$db->db_prepare($_GET['email']));
	if (!$check_mail->_numOfRows) {
		$error_message = TEXT_EMAIL_NOT_EXIST;

	} else {
		if ($check_mail->fields['mail_key'] != $_GET['key'])
			$error_message = TEXT_EMAIL_ACTIVE_ERROR;

		else {
			$db->db_query("UPDATE
								".TABLE_NEWSLETTER_RECIPIENTS."
							SET
								mail_status = '1'
							WHERE
								customers_email_address = ".$db->db_prepare($_GET['email']));
			$info_message = TEXT_EMAIL_ACTIVE;
		}
	}
}

// Accountdeaktivierung per Emaillink
if (isset($_GET['action']) && ($_GET['action'] == 'remove')) {
	$check_mail = $db->db_query("SELECT
									customers_email_address,
									mail_key
								FROM
									".TABLE_NEWSLETTER_RECIPIENTS."
								WHERE
									customers_email_address = ".$db->db_prepare($_GET['email'])."
								AND
									mail_key = ".$db->db_prepare($_GET['key']));

	if(!$check_mail->_numOfRows) {
		$error_message = TEXT_EMAIL_NOT_EXIST;

	} else {
		if(!validate_email($check_mail->fields['customers_email_address'], $_GET['key']))
			$error_message = TEXT_EMAIL_DEL_ERROR;
			
		else {
			$db->db_query("DELETE
							FROM
								".TABLE_NEWSLETTER_RECIPIENTS."
							WHERE
								customers_email_address ='".$_GET['email']."'
							AND
								mail_key = '".$_GET['key']."'");
			$info_message = TEXT_EMAIL_DEL;
		}
	}
}

$breadcrumb->add(NAVBAR_TITLE_NEWSLETTER, href_link(FILENAME_NEWSLETTER, '', 'NONSSL'));

require(DIR_WS_INCLUDES.'header.php');
$captcha_site = '_newsletter';
include('captcha.php');
$smarty->assign('VVIMG', '<img src="captcha.php?show=true&name=newsletter" alt="Captcha" />');

$smarty->assign('text_newsletter', TEXT_NEWSLETTER);
if(!empty($info_message))
	$smarty->assign('info_message', '<div class="headerInfo shadow">'.$info_message.'</div>');
if(!empty($error_message))
	$smarty->assign('error_message', '<div class="headerError shadow">'.$error_message.'</div>');

if(isset($_GET['action']) && ($_GET['action'] == 'box' || $_GET['action'] == 'remove' || $_GET['action'] == 'activate' || $_GET['action'] == 'process'))
	$smarty->assign('box_activation', true);

$smarty->assign('FORM_ACTION', draw_form('sign', href_link(FILENAME_NEWSLETTER, 'action=process', 'NONSSL')));
$smarty->assign('INPUT_EMAIL', draw_input_field('email', $_POST['email']));
$smarty->assign('INPUT_CODE', draw_input_field('security_code_newsletter', '', 'size="6" maxlength="6" style="width:30px;text-align:center"', 'text', false));
$smarty->assign('CHECK_INP', draw_radio_field('check', 'inp', (!isset($_POST['check']) ? true : false)));
$smarty->assign('CHECK_DEL', draw_radio_field('check', 'del'));
$smarty->assign('BUTTON_SEND', image_submit('button_send.gif', IMAGE_BUTTON_SEND));
$smarty->assign('FORM_END', '</form>');

$smarty->assign('language', $_SESSION['language']);
$smarty->caching = false;
$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/newsletter.html');
$smarty->assign('main_content', $main_content);

$smarty->assign('language', $_SESSION['language']);
$smarty->caching = false;
$smarty->loadFilter('output', 'note');
$smarty->loadFilter('output','trimwhitespace');
$smarty->display(CURRENT_TEMPLATE.'/index.html');
include('includes/application_bottom.php');
?>